krb5.git - Unnamed repository; edit this file 'description' to name the repository.

	Commit message (Collapse)	Author	Age	Files	Lines
...
*	* init_sec_context.c: Include auth_con.h if CFX_EXERCISE is defined.	Ken Raeburn	2004-01-05	3	-15/+48
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	(make_gss_checksum) [CFX_EXERCISE]: If the key enctype is aes256, insert some stuff after the delegation slot. (new_connection) [CFX_EXERCISE]: Don't send messages with bogus token ids. * accept_sec_context.c (krb5_gss_accept_sec_context): Don't discard the delegation flag; only look for a delegation if the flag is set, and only look for delegation, not other options. Ignore any other data there. ticket: 2079 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15964 dc483132-0cff-0310-8789-dd5450dbe970
*	* util_crypt.c (kg_encrypt, kg_decrypt): Input pointer now points to const.	Ken Raeburn	2003-12-20	4	-5/+12
\| \| \| \| \| \| \|	* gssapiP_krb5.h: Declarations updated. * util_seed.c (zeros): Now const. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15956 dc483132-0cff-0310-8789-dd5450dbe970
*	* init_sec_context.c: Include k5-int.h for accessor	Tom Yu	2003-12-19	2	-0/+5
\| \| \| \| \| \| \|	ticket: 2077 component: krb5-libs git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15944 dc483132-0cff-0310-8789-dd5450dbe970
*	The new functions krb5int_c_mandatory_cksumtype, krb5_ser_pack_int64,	Jeffrey Altman	2003-12-19	4	-9/+41
\| \| \| \| \| \| \| \| \| \| \| \| \|	and krb5_ser_unpack_int64 are considered private. Therefore, in order for them to be used from within gssapi they must be added to the krb5int_accessor mechanism. This allows us to not publicize their existence via exportation on Windows or MacOSX. ticket: new tags: pullup target_version: 1.3.2 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15941 dc483132-0cff-0310-8789-dd5450dbe970
*	make depend	Ken Raeburn	2003-12-15	1	-46/+93
\| \| \| \|	git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15928 dc483132-0cff-0310-8789-dd5450dbe970
*	Add 64-bit sequence number support. Do sequence number ordering tests relative	Ken Raeburn	2003-12-13	11	-264/+846
\| \| \| \| \| \| \| \| \| \| \| \| \|	to the initial value rather than absolute. Support tokens without pseudo-ASN.1 wrappers. Don't restrict enctype lists. Implement CFX token support. With CFX_EXERCISE defined, use random padding, random rotates, and bogus initial tokens, to exercise the associated code paths. ticket: 2040 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15911 dc483132-0cff-0310-8789-dd5450dbe970
*	Added kg_sync_ccache_name(), kg_get_ccache_name, and kg_set_ccache_name() ↵	Alexandra Ellwood	2003-12-11	5	-33/+177
\| \| \| \| \| \| \| \|	and rewrote gss_krb5_ccache_name() and added a call to kg_sync_ccache_name() to acquire_init_cred() to fix a bug where on systems with multiple ccaches that GSSAPI gets stuck on the ccache that was default when it launched ticket: 2060 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15879 dc483132-0cff-0310-8789-dd5450dbe970
*	krb5_gss_register_acceptor_identity does not allocate enough memory for ↵	Ezra Peisach	2003-07-19	2	-1/+6
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	cached keytab * acquire_cred.c (krb5_gss_register_acceptor_identity): Allocate enough memory to include the null at the end of the keytab char *. Essentially off by one error. ticket: new target_version: 1.3.1 tags: pullup component: krb5-libs git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15699 dc483132-0cff-0310-8789-dd5450dbe970
*	Remove kg_release_defcred and caching of default credential. Rewrite	Tom Yu	2003-07-17	7	-476/+620
\| \| \| \| \| \| \| \| \| \| \| \|	krb5_gss_init_sec_context() while we're at it to make defcred-related changes easier, and as a side effect, fix some error condition memory leaks. ticket: 1365 target_version: 1.3.1 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15694 dc483132-0cff-0310-8789-dd5450dbe970
*	delete ##WIN16## lines from makefiles	Ken Raeburn	2003-07-17	2	-1/+4
\| \| \| \|	git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15691 dc483132-0cff-0310-8789-dd5450dbe970
*	* accept_sec_context.c (krb5_gss_accept_sec_context): Call	Tom Yu	2003-07-15	2	-4/+9
\| \| \| \| \| \| \| \| \| \|	TREAD_STR with correct arguments. Patch from Emily Ratliff. ticket: 1015 tags: pullup target_version: 1.3.1 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15687 dc483132-0cff-0310-8789-dd5450dbe970
*	* acquire_cred.c (acquire_init_cred): Close the ccache if	Tom Yu	2003-07-10	2	-0/+8
\| \| \| \| \| \| \| \| \| \| \|	krb5_cc_set_flags() fails, as krb5int_cc_default succeeds even if the file is not there, but krb5_cc_set_flags will fail in turning off OPENCLOSE mode if the file can't be opened. Thanks to Kent Wu. ticket: 1656 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15680 dc483132-0cff-0310-8789-dd5450dbe970
*	libgss leaks, UMRs	Tom Yu	2003-06-13	3	-0/+9
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	* init_sec_context.c (krb5_gss_init_sec_context): Free default_enctypes to avoid leaking returned value from krb5_get_tgs_ktypes. * k5unseal.c (kg_unseal_v1): Explicitly set token.value to NULL if token.length == 0, to avoid spurious uninitialized memory references when calling memcpy() with a zero length. ticket: new target_version: 1.3 tags: pullup component: krb5-libs cc: Kent_Wu@trendmicro.com git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15619 dc483132-0cff-0310-8789-dd5450dbe970
*	make_ap_req_v1 leaks memory	Tom Yu	2003-06-13	2	-0/+7
\| \| \| \| \| \| \| \| \| \| \| \|	* init_sec_context.c (make_ap_req_v1): Free checksum_data if needed, to avoid leaking memory. Found by Kent Wu. ticket: new target_version: 1.3 tags: pullup component: krb5-libs git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15618 dc483132-0cff-0310-8789-dd5450dbe970
*	make-depend updates	Ken Raeburn	2003-05-24	1	-17/+17
\| \| \| \|	git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15490 dc483132-0cff-0310-8789-dd5450dbe970
*	* gssapi_krb5.h: Remove check for GSS_RFC_COMPLIANT_OIDS	Tom Yu	2003-05-13	2	-3/+4
\| \| \| \| \| \| \| \| \|	ticket: 1482 status: open tags: pullup target_version: 1.3 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15429 dc483132-0cff-0310-8789-dd5450dbe970
*	Rename the local_subkey and remote_subkey fields in the auth_context	Tom Yu	2003-05-10	3	-6/+14
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	to send_subkey and recv_subkey, respectively. Add new APIs to query and set these fields. Change the behavior of mk_req_ext, rd_req_dec, and rd_rep to set both subkeys. Applications wanting to set unidirectional subkeys may still do so by saving the values of subkeys and doing overrides. Cause mk_cred, mk_priv, and mk_safe to never use the recv_subkey. Cause rd_cred, rd_priv, and rd_safe to never use the send_subkey. ticket: 1415 status: open tags: pullup target_version: 1.3 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15407 dc483132-0cff-0310-8789-dd5450dbe970
*	Do not claim GSS_C_PROT_READY_FLAG since we don't support it	Sam Hartman	2003-03-14	4	-1/+14
\| \| \| \| \| \| \| \| \| \| \| \| \|	Our code does not currently support GSS_C_PROT_READY_FLAG so only return that flag after context establishment. A potential future addition is to support that flag and return GAP_TOKEN if the initiator processes a message token before the final context token. Ticket: 1352 Tags: pullup Status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15280 dc483132-0cff-0310-8789-dd5450dbe970
*	* disp_status.c, gssapi_krb5.h, gssapiP_krb5.h: Removed Mac header goober	Alexandra Ellwood	2003-03-06	4	-20/+8
\| \| \| \|	git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15253 dc483132-0cff-0310-8789-dd5450dbe970
*	* acquire_cred.c (krb5_gss_register_acceptor_identity): New	Tom Yu	2003-03-06	3	-19/+61
\| \| \| \| \| \| \| \| \| \| \| \|	function. Allows global override of default keytab for gss_acquire_cred() purposes. (acquire_accept_cred): Implement override. * gssapi_krb5.h: Add krb5_gss_register_acceptor_identity. ticket: 880 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15236 dc483132-0cff-0310-8789-dd5450dbe970
*	Do not expect sequence number in encrypted krb_cred	Sam Hartman	2003-03-04	2	-1/+5
\| \| \| \|	git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15219 dc483132-0cff-0310-8789-dd5450dbe970
*	GSS_C_NO_CREDENTIAL should accept any principal	Sam Hartman	2003-03-04	5	-40/+62
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	If a context is accepted with GSS_C_NO_CREDENTIAL or if a credential is acquired with GSS_C_NO_NAME as the acceptor name then allow any principal in the keytab to be used as the acceptor name. This means that gss_inquire_cred can return GSS_C_NO_NAME from a credential. ticket: new Tags: enhancement cc: nicolas.williams@sun.com cc: krbdev@mit.edu git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15218 dc483132-0cff-0310-8789-dd5450dbe970
*	There isn't really a point to validating cred_handle if it was just	Tom Yu	2003-03-01	2	-6/+11
\| \| \| \| \| \| \| \| \| \| \| \|	acquired by acquire_cred(), so instead of the suggested patch, validate verifier_cred_handle only if we didn't acquire_cred(). * accept_sec_context.c (krb5_gss_accept_sec_context): Don't validate verifier_cred_handle if GSS_C_NO_CREDENTIAL is passed in. ticket: 1356 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15211 dc483132-0cff-0310-8789-dd5450dbe970
*	Thanks, similar patch applied	Tom Yu	2003-02-25	2	-6/+52
\| \| \| \| \| \| \| \| \|	* set_ccache.c (gss_krb5_ccache_name): Don't return a pointer to freed memory. ticket: 1346 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15205 dc483132-0cff-0310-8789-dd5450dbe970
*	* gssapi_krb5.c (kg_get_defcred): Revert previous; it's probably	Tom Yu	2003-02-24	3	-32/+34
\| \| \| \| \| \| \| \| \| \| \| \| \| \|	not appropriate for inquire_cred() to cause new credentials to be fetched. * init_sec_context.c (krb5_gss_init_sec_context): Explicitly release default cred in the NO_CREDENTIAL case, so it is always refreshed. ticket: 1305 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15201 dc483132-0cff-0310-8789-dd5450dbe970
*	This should fix things, but I don't have an easy way to test	Tom Yu	2003-02-21	2	-15/+37
\| \| \| \| \| \| \| \| \| \|	* gssapi_krb5.c (kg_get_defcred): Check for invalid or expired defcred if it exists, and call acquire_cred() again if necessary. ticket: 1305 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15199 dc483132-0cff-0310-8789-dd5450dbe970
*	* Makefile.in ($(GSSAPI_KRB5_HDR)): Use $(S) to avoid problems on	Tom Yu	2003-02-14	2	-1/+6
\| \| \| \| \| \|	windows. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15189 dc483132-0cff-0310-8789-dd5450dbe970
*	Oops, add $(GSSAPI_KRB5_HDR) to all-unix	Tom Yu	2003-02-13	2	-2/+3
\| \| \| \|	git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15186 dc483132-0cff-0310-8789-dd5450dbe970
*	More tweaks to deal with parallel builds	Tom Yu	2003-02-13	2	-9/+10
\| \| \| \|	git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15185 dc483132-0cff-0310-8789-dd5450dbe970
*	Have g_token_size return unsigned int for signed/unsigned cleanup	Ezra Peisach	2003-02-09	2	-1/+5
\| \| \| \|	git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15171 dc483132-0cff-0310-8789-dd5450dbe970
*	Use markers in Makefile.in rather than rules in configure.in to indicate when	Ken Raeburn	2003-01-10	2	-0/+7
\| \| \| \| \| \| \| \|	to use the lib.in and libobj.in makefile fragments. Pushing this per-directory info into Makefile.in will make it a little easier to work on combining configure scripts for multiple directories. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15107 dc483132-0cff-0310-8789-dd5450dbe970
*	For new encryption types and for RC4, encrypt the krb_cred message in	Sam Hartman	2003-01-08	2	-51/+93
\| \| \| \| \| \| \| \| \| \|	the initial gssapi token if credentials are being delegated. For consistency with Microsoft, we encrypt the credentials using the session key not the subsession key. Ticket: 1054 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15091 dc483132-0cff-0310-8789-dd5450dbe970
*	Nuke some old .orig files	Ken Raeburn	2003-01-08	2	-96/+4
\| \| \| \|	git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15089 dc483132-0cff-0310-8789-dd5450dbe970
*	* accept_sec_context.c (krb5_gss_accept_sec_context): Use unsigned	Ezra Peisach	2002-11-15	8	-12/+31
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	lengths for arguments to g_token_size and g_make_token_header. * export_name.c (krb5_gss_export_name): Change local length variable to unsigned. * k5unseal.c (kg_unseal_v1): Seqnum variable changed from krb5_int32 to krb5_ui_4. * k5seal.c (make_seal_token_v1): Change seqnum argument to krb5_ui_4 from krb5_int32 to match krb5_gss_ctx_id_rec struct. * gssapiP_krb5.h, util_crypt.c, util_seqnum.c: kg_make_seq_num(), kg_get_seq_num() changed to use krb5_ui_4 for sequence numbers. kg_encrypt(), kg_decrypt() length argument now unsigned. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15007 dc483132-0cff-0310-8789-dd5450dbe970
*	Implement an install-headers target to install public headers into KRB5_INCDIR;	Sam Hartman	2002-10-07	2	-1/+5
\| \| \| \| \| \| \| \|	probably called by setting DESTDIR. ticket: 1208 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14912 dc483132-0cff-0310-8789-dd5450dbe970
*	* Makefile.in: Revert $(S)=>/ change, for Windows support	Ken Raeburn	2002-08-29	2	-3/+7
\| \| \| \|	git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14786 dc483132-0cff-0310-8789-dd5450dbe970
*	Ignore a bunch of files generated by building in the source tree, excluding	Ken Raeburn	2002-08-29	1	-0/+2
\| \| \| \| \| \| \|	those covered by CVSROOT/cvsignore patterns. Static UNIX build only, at the moment, may need updates for other configurations. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14783 dc483132-0cff-0310-8789-dd5450dbe970
*	Quote targets of some copy operations within the build tree. Needed	Ken Raeburn	2002-08-27	2	-1/+5
\| \| \| \| \| \| \|	now for Windows since we use "/" as a directory separator in places where Windows would also look for command options. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14776 dc483132-0cff-0310-8789-dd5450dbe970
*	Change $(S)=>/ and $(U)=>.. globally	Ken Raeburn	2002-08-23	2	-3/+7
\| \| \| \|	git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14761 dc483132-0cff-0310-8789-dd5450dbe970
*	* k5unseal.c (kg_unseal): Pass unsigned int * instead of int *	Ezra Peisach	2002-07-15	3	-2/+10
\| \| \| \| \| \| \| \| \|	length return argument to g_verify_token_header. * accept_sec_context.c (krb5_gss_accept_sec_context): Pass OM_uint32 * instead of krb5_error_code * to krb5_gss_release_cred. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14652 dc483132-0cff-0310-8789-dd5450dbe970
*	* gssapi_krb5.h: Added #include of gssapi.h and gssapi_generic.h	Tom Yu	2002-07-14	5	-9/+96
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	for the Mac because we can't assume people will include them and get the OID macro and the old names on the Mac. * disp_status.c: Updated Mac OS X header paths. * gssapiP_krb5.h: Updated Mac OS X header paths and added prototype on Mac. * gssapi_krb5.h: Updated Mac OS X headers to new framework layout * gssapi_krb5.h, gssapi_krb5.c: Added oids from rfc 1964 using the suggested names. [pullups from 1-2-2-branch] git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14646 dc483132-0cff-0310-8789-dd5450dbe970
*	update dependencies	Ken Raeburn	2002-07-13	1	-6/+12
\| \| \| \|	git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14637 dc483132-0cff-0310-8789-dd5450dbe970
*	Get rid of some unused functions and files. Hide	Ken Raeburn	2002-07-13	8	-478/+14
\| \| \| \| \| \|	krb5_gss_internal_release_oid, which is referenced only in its own source file. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14636 dc483132-0cff-0310-8789-dd5450dbe970
*	* init_sec_context.c (make_ap_req_v2): Delete unused function	Ken Raeburn	2002-07-12	2	-19/+2
\| \| \| \|	git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14631 dc483132-0cff-0310-8789-dd5450dbe970
*	* accept_sec_context.c (rd_and_store_for_creds): Don't declare krb5_mcc_ops	Ken Raeburn	2002-07-12	2	-2/+1
\| \| \| \|	git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14630 dc483132-0cff-0310-8789-dd5450dbe970
*	* init_sec_context.c (krb5_gss_init_sec_context): Instead of asking for the	Ken Raeburn	2002-07-12	2	-3/+53
\| \| \| \| \| \| \|	enctypes supported by the GSS code, use that set as a filter on the default enctypes and use the resulting list. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14629 dc483132-0cff-0310-8789-dd5450dbe970
*	* accept_sec_context.c (rd_and_store_for_creds): Remove registration of ↵	Ken Raeburn	2002-07-12	2	-1/+5
\| \| \| \| \| \|	memory ccache type git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14628 dc483132-0cff-0310-8789-dd5450dbe970
*	* init_sec_context.c (get_credentials): Delete unused variable	Ken Raeburn	2002-07-01	2	-2/+2
\| \| \| \|	git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14594 dc483132-0cff-0310-8789-dd5450dbe970
*	remove gss krb5 mech2 oid and oidset variables	Ken Raeburn	2002-07-01	10	-17/+17
\| \| \| \|	git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14592 dc483132-0cff-0310-8789-dd5450dbe970
*	fix some compiler warnings	Ken Raeburn	2002-07-01	3	-11/+21
\| \| \| \|	git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14591 dc483132-0cff-0310-8789-dd5450dbe970